home02: add forgejo

modules/homelab/forgejo.nix

@@ -0,0 +1,57 @@
+{ lib, ... }:
+
+{
+  flake.modules.nixos.server-forgejo =
+    { config, ... }:
+    let
+      cfg = config.homelab.services.forgejo;
+
+      inherit (lib)
+        mkEnableOption
+        mkOption
+        mkIf
+        types
+        ;
+    in
+    {
+      options.homelab.services.forgejo = {
+        enable = mkEnableOption "Enable forgejo";
+
+        cloudflareTunnelId = mkOption {
+          type = types.str;
+        };
+
+        domain = mkOption {
+          type = types.str;
+        };
+
+        sshDomain = mkOption {
+          type = types.str;
+        };
+      };
+
+      config = mkIf cfg.enable {
+        services.forgejo = {
+          enable = true;
+
+          settings = {
+            server = {
+              DOMAIN = cfg.domain;
+              LANDING_PAGE = "explore";
+              ROOT_URL = "https://${config.services.forgejo.settings.server.DOMAIN}";
+              SSH_DOMAIN = cfg.sshDomain;
+            };
+
+            service.DISABLE_REGISTRATION = true;
+
+            ui.DEFAULT_THEME = "forgejo-auto";
+          };
+        };
+
+        services.cloudflared.tunnels.${cfg.cloudflareTunnelId}.ingress = {
+          "${config.services.forgejo.settings.server.DOMAIN}" =
+            "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";
+        };
+      };
+    };
+}

modules/hosts/homelab/home02/configuration.nix

@@ -9,8 +9,23 @@
 
         nginx-oliverdavies-uk
         nginx-ponthir-taekwondo
+        server-forgejo
       ];
 
+      homelab.services =
+        let
+          cloudflareTunnelId = "c1537889-81ac-4d41-b80d-9657f8db30c7";
+        in
+        {
+          forgejo = {
+            inherit cloudflareTunnelId;
+
+            domain = "git.oliverdavies.uk";
+            enable = true;
+            sshDomain = "ssh.oliverdavies.uk";
+          };
+        };
+
       nix.settings = {
         auto-optimise-store = true;